Try our new research platform with insights from 80,000+ expert users
Darktrace Logo

Darktrace pros and cons

Vendor: Darktrace
4.1 out of 5
Badge Ranked 1
1,923 followers
Start review

Pros & Cons summary

Darktrace offers stable performance with zero downtime, using AI for automated threat detection and response, reducing human intervention needs. Antigena enhances threat protection with immediate responses. Darktrace excels in monitoring network behavior but lacks endpoint integration. Improvements are needed in automation, false-positive reporting, documentation, and support. Pricing lacks flexibility, and integration with security tools is limited. AI enhances phishing detection, valuable for cybersecurity.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Darktrace provides stable and reliable performance, consistently rated highly for stability and lack of downtime.
The alerts generated by Darktrace are meaningful and help in actionable threat management, avoiding unnecessary noise.
The AI-driven features of Darktrace allow for effective autonomous threat detection and response, minimizing the need for large analyst teams.
Darktrace's machine learning capabilities effectively identify threats using unsupervised learning, providing comprehensive network security insights.
The Antigena feature in Darktrace offers an immediate autonomous response to threats, enhancing the organization's security posture significantly.

CONS

Darktrace is expensive, and pricing could be more flexible.
Darktrace lacks endpoint protection and requires more visibility at the endpoint level.
Darktrace needs improvement in automation and generating too many false positives that require significant tuning.
Darktrace struggles with integration capabilities, limiting orchestration and collaboration with third-party platforms.
Darktrace requires more effective documentation and community support.
 

Darktrace Pros review quotes

VI
Dec 16, 2020
It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk.
Read full review
ADITYA KAUSHIK - PeerSpot reviewer
Aug 22, 2024
Darktrace provides better visibility into network risks, allowing you to take preemptive action against risky user behavior.
Read full review
AM
Jun 5, 2025
I can rate Darktrace's technical support as one of the best products in the world.
Read full review
Buyer's Guide
Darktrace
June 2025
Free Report: Darktrace Reviews and More
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
DOWNLOAD NOW
856,873 professionals have used our research since 2012.
OO
Aug 20, 2019
A simple, powerful AI solution that just does all the work for you when you turn it on.
Read full review
IA
Jul 7, 2021
I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network.
Read full review
Graham Peck - PeerSpot reviewer
Jan 26, 2020
Ability to see events and exactly what traffic or website the device had tried to connect to that raised the alert or issue.
Read full review
DaliaHassen - PeerSpot reviewer
Mar 14, 2023
The solution is outstanding from a monitoring perspective.
Read full review
MP
Jul 29, 2024
The autonomous response is also highly designed in Darktrace.
Read full review
reviewer1509096 - PeerSpot reviewer
Feb 24, 2021
In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful.
Read full review
Malebo Lethoba Group - PeerSpot reviewer
May 13, 2025
The technical support from Darktrace is very good, including support from their resellers.
Read full review
Show 10 more reviews (out of 79)
 

Darktrace Cons review quotes

VI
Dec 16, 2020
It would be good if they can include some endpoint protection for remote workers. Nowadays, most people are working remotely. Therefore, they should include some type of sensors that can be installed on the endpoint in order to directly report the main usage and protect remotely. Phone protection will also be a great feature to add to Darktrace.
Read full review
ADITYA KAUSHIK - PeerSpot reviewer
Aug 22, 2024
Darktrace needs significant improvement in its notification capabilities.
Read full review
AM
Jun 5, 2025
Pricing bothers me and this is one of the major factors when choosing a solution.
Read full review
Buyer's Guide
Darktrace
June 2025
Free Report: Darktrace Reviews and More
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
DOWNLOAD NOW
856,873 professionals have used our research since 2012.
OO
Aug 20, 2019
It could build in integrations for some complementary products, but it has an assistant plugin so this is not really a big deal.
Read full review
IA
Jul 7, 2021
In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from.
Read full review
Graham Peck - PeerSpot reviewer
Jan 26, 2020
The product doesn't have an endpoint agent that can react to triggers set on the device,
Read full review
DaliaHassen - PeerSpot reviewer
Mar 14, 2023
Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides.
Read full review
MP
Jul 29, 2024
Darktrace should have more automation and integrations with other security monitoring tools.
Read full review
reviewer1509096 - PeerSpot reviewer
Feb 24, 2021
In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions.
Read full review
Malebo Lethoba Group - PeerSpot reviewer
May 13, 2025
In a shared environment, it doesn't work, and there are still some integration issues.
Read full review
Show 10 more reviews (out of 78)

Product Categories

Product Categories
Extended Detection and Response (XDR)
Email Security
Intrusion Detection and Prevention Software (IDPS)
Network Traffic Analysis (NTA)
Network Detection and Response (NDR)
AI-Powered Chatbots
Cloud Security Posture Management (CSPM)
Cloud-Native Application Protection Platforms (CNAPP)
Attack Surface Management (ASM)
AI-Powered Cybersecurity Platforms

Popular Comparisons

Popular Comparisons
Cloudflare vs Darktrace Logo
Cloudflare vs Darktrace
CrowdStrike Falcon vs Darktrace Logo
CrowdStrike Falcon vs Darktrace
Wazuh vs Darktrace Logo
Wazuh vs Darktrace
Wiz vs Darktrace Logo
Wiz vs Darktrace
Microsoft Defender for Office 365 vs Darktrace Logo
Microsoft Defender for Office 365 vs Darktrace
Microsoft Defender for Cloud vs Darktrace Logo
Microsoft Defender for Cloud vs Darktrace
Prisma Cloud by Palo Alto Networks vs Darktrace Logo
Prisma Cloud by Palo Alto Networks vs Darktrace
SentinelOne Singularity Complete vs Darktrace Logo
SentinelOne Singularity Complete vs Darktrace
Cortex XDR by Palo Alto Networks vs Darktrace Logo
Cortex XDR by Palo Alto Networks vs Darktrace
IBM Security QRadar vs Darktrace Logo
IBM Security QRadar vs Darktrace
Trellix Endpoint Security Platform vs Darktrace Logo
Trellix Endpoint Security Platform vs Darktrace
Proofpoint Email Protection vs Darktrace Logo
Proofpoint Email Protection vs Darktrace
Tenable Security Center vs Darktrace Logo
Tenable Security Center vs Darktrace
Cloudflare One vs Darktrace Logo
Cloudflare One vs Darktrace
Trend Vision One vs Darktrace Logo
Trend Vision One vs Darktrace
See all alternatives

Product Categories

Product Categories
Extended Detection and Response (XDR)
Email Security
Intrusion Detection and Prevention Software (IDPS)
Network Traffic Analysis (NTA)
Network Detection and Response (NDR)
AI-Powered Chatbots
Cloud Security Posture Management (CSPM)
Cloud-Native Application Protection Platforms (CNAPP)
Attack Surface Management (ASM)
AI-Powered Cybersecurity Platforms

Popular Comparisons

Popular Comparisons
Cloudflare vs Darktrace Logo
Cloudflare vs Darktrace
CrowdStrike Falcon vs Darktrace Logo
CrowdStrike Falcon vs Darktrace
Wazuh vs Darktrace Logo
Wazuh vs Darktrace
Wiz vs Darktrace Logo
Wiz vs Darktrace
Microsoft Defender for Office 365 vs Darktrace Logo
Microsoft Defender for Office 365 vs Darktrace
Microsoft Defender for Cloud vs Darktrace Logo
Microsoft Defender for Cloud vs Darktrace
Prisma Cloud by Palo Alto Networks vs Darktrace Logo
Prisma Cloud by Palo Alto Networks vs Darktrace
SentinelOne Singularity Complete vs Darktrace Logo
SentinelOne Singularity Complete vs Darktrace
Cortex XDR by Palo Alto Networks vs Darktrace Logo
Cortex XDR by Palo Alto Networks vs Darktrace
IBM Security QRadar vs Darktrace Logo
IBM Security QRadar vs Darktrace
Trellix Endpoint Security Platform vs Darktrace Logo
Trellix Endpoint Security Platform vs Darktrace
Proofpoint Email Protection vs Darktrace Logo
Proofpoint Email Protection vs Darktrace
Tenable Security Center vs Darktrace Logo
Tenable Security Center vs Darktrace
Cloudflare One vs Darktrace Logo
Cloudflare One vs Darktrace
Trend Vision One vs Darktrace Logo
Trend Vision One vs Darktrace
See all alternatives
Related questions
  • 34
I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?
  • 496
Which is better - SentinelOne or Darktrace?
  • 278
What are the pros and cons of Darktrace vs CrowdStrike Falcon vs alternative EPP solutions?
  • 112
Which alternative solutions (other than Darktrace) do you recommend for an SMB?
  • 94
How does Crowdstrike Falcon compare with Darktrace?
  • 64
What is the best EDR or XDR product for a company with 9000 employees?
  • 11
When evaluating Extended Detection and Response (XDR), what aspect do you think is the most important to look for?
  • 271
How do you decide about the alert severity in your Security Operations Center (SOC)?
  • 113
Which is better for Endpoint Security: EDR or XDR solutions?
  • 145
What are the main differences between XDR and SIEM?